Corente on VirtualBox revisited

Last week we started talking about setting up Corente and came to the conclusion that you can not run Corente Gateway in a VirtualBox. It turns out that not only was I wrong but I got a ton of mail from people like product managers, people who got it working, and people who generally did not agree with my conclusion. Ok, I will admit that I read the manuals, played with the suggested configurations, and tried deploying it on my own. It appears that I did a few things backwards and cornered myself into an area that caused things not to work. Today we are going to walk through the steps needed to get Corente up and running in your data center using VirtualBox as a sandbox.

The first thing that you absolutely need is a Corente admin account. Without this you will not be able to create a configuration to download and everything will fail. You should have received an account email from "no-reply-cloud@oracle.com" with the title "A VPN account was created for you". If you have multiple accounts you should have received multiple emails. This is a good thing if you got multiples. It is a bad thing if you did not get any. I received mine back on August 11th of this year. I received similar emails back on April 27th for some paid accounts that I have had for a while. The email reads

The VPN account information included in this email enables you to sign in to App Net Manager Service Portal when setting up Corente Services Gateway (cloud gateway) on Oracle Cloud, which is Step 2 of the setup process.Account Details

Username: a59878_adminPassword: --not shown--Corente Domain: a59878

Click here for additional details about how to access your account. The link takes you to the documentation on how to setup a service gateway. The document was last updated in August and goes through the workflow on how to setup a connection.

Step 1: Obtain a trial or paid subscription to Oracle Compute Cloud Service. After you subscribe to Oracle Compute Cloud Service, you will get your Corente credentials through email after you receive the Oracle Compute Cloud Service welcome email.

Step 2: Set up a Corente Services Gateway (on-premises gateway) in your data center. This is where everything went off the rails the first time. This actually is not step 2. Step 2 is to visit the App Net Manager and register your gateway using the credentials that you received in the email. I went down the foolish path of spinning up a Linux 6 instance and running the verification to make sure that the virtualization gets passed to the guest operating system. According to the documentation, this is step 2. VirtualBox fails all of the tests suggested. I then looked for a second way of running in VirtualBox and the old way, CSG-VE, is not intended to be used with the Oracle Cloud. The CSG-VE is different from the gateway deployment and is for legacy Corente customers. It was never intended to be a solution for the Oracle Cloud. If you follow the cookbooks that are available internal to Oracle you can make the Corente Service Gateway work properly. I found two cookbooks and both are too large to publish in this blog. I will try to summarize the key steps. Ask your local sales consultant to look for "Oracle Corente Cloud Services Cook Book" or "Oracle Cloud Platform - Corente VPN for PaaS and IaaS". Both walk you through installation with screen shots and recommended configurations.

Step 2a: Go to www.corente.com/web and execute the Java code that launches the App Net Manager. When I first did this it failed. I had to download a newer version of Java to get the javaws image to install. If you are on a Linux desktop you can do this with a w get http://javadl.oracle.com/webapps/download/AutoDL?BundleId=211989 or go to the web page https://java.com/en/download/linux_manual.jsp and download the Linux64 bundle. This allows you to uncompress and install the javaws binary and associate it with the jsp file provided on the Corente site. If you are on Windows or MacOS, go to https://java.com/en/download/ and it will figure out what your desktop is and ask you to download and install the latest version of Java. What you are looking for is a version with a JDK containing the javaws binary. This binary is called from the web browser and executes the downloadable scripts from the Corente site.

Step 2b: When you go to the www.corente.com/web site it will download java code and launch the App Manager. It should look like

The first time there will be no locations listed. We will need to add a location. It is important to note that the physical address that you use for the location has no relevance to the actual address of your server, gateway, or cloud hosting service. I have been cycling through major league baseball park addresses as my location. My gateway is currently located at Minute Maid Park in Houston and my desktop is at the Texas Rangers Ballpark in Arlington with my server at Wrigley Field in Chicago.

Step 2c: Launch the New Location Wizard. The information that will be needed is Name, address, maintenance window (date and reboot option), inline configuration, dhcp, dhcp client name is optional, and lan interface. Note that it is important to know ahead of time what your lan interface is going to be. Once you get your gateway configured and connected the only way to get back into this console is to do it from this network. When I first did this I did not write down the ip address and basically locked my account. I had to go to another account domain and retry the configuration. For the trial that I did I used 192.168.200.1 as the lan address and had it use 255.255.255.0 as the netmask. This will become your gateway for all subnets in your data center. By default there is a dhcp server in my house that assigns IP addresses to the 192.168.1.X network. You need to pick something different than this subnet because you can't have a broadband router acting as a gateway to the internet and a VPN router acting as a gateway router on the same subnet. The implication to this is that you will need to create a new network interface on your Oracle Compute Cloud instances that have a network connection that talk on the 192.168.200.X network. This is easy to do but selection of this network is important and writing it down is even more important. The wizard will continue and ask about adding the subnet to the Default User Group. Click Yes and add the 192.168.200.X subnet to this group.

Step 2e: We need to configure the instance with 2G of RAM, at least 44G of disk, and two network interfaces. The first interface needs to be configured as active using the Bridged Adapter. The second interface needs to be configured as active using the Internal Network. The bridged adapter is going to get assigned to the 192.168.1.X network by our home broadband DHCP server. The second network is going to be statically mapped to 192.168.200.1 by the configuration that you download from the App Manager. You also need to mount the iso image that was downloaded for the Corente Gateway Image. When the server boots it will load the operating system into the virtual disk and ask to reboot once the OS is loaded.

Step 3: Rather than rebooting the instance we should stop the reboot after shutdown happens and remove the iso as the default boot device. If we don't, we will go through the OS install again and it will keep looping until we do. Once we boot the OS it will ask us to download the configuration file from the App Manager. We do this by setting the download site to www.corente.com, selecting dhcp as the network configuration and entering our login information for the App Manager in the next screen.

Step 4: At this point we have a gateway configured in our data center (or home in my case) and need to setup a desktop server to connect through the VPN and access the App Manager. Up to this point we have connected to the app manager via our desktop to setup the initial configuration. From this point forward we will need to do so from an ip address in the 192.168.200.x network. If you try to connect to the app manager from your desktop you will get an error message and nothing can be done. To install a guest system we boot Linux 6 or Linux 7 into VirtualBox and connect to https://66.77.134.249. To do this we need to setup the network interfaces on our guest operating system. The network needs to be the internal network. For my example I used 192.168.200.100 as the guest OS ip address and the default router is 192.168.200.1 which is our gateway server. This machine is configured with a static IP address because by default the 192.168.1.X server will answer the DHCP address and assign you to the wrong subnet. To get the App Manager to work I had to download the javaws again for Linux and associate the jsp file from the www.corente.com/web site to launch using javaws. Once this was done I was able to add the guest OS as a new location.

At this point we have a gateway server configured and running and a computer inside our private subnet that can access the App Manager. This is the foundation to getting everything to work. From here you can then provision a gateway instance in the cloud service and connect your guest OS to computers in the cloud as if they were in the same data center. More on that later.

In summary, this was more difficult to do than I was hoping for. I made a few key mistakes when configuring the service. The first was not recording the IP address when I setup everything the first time. The second was using the default network behind my broadband router and not a different network address. The third was assuming that the steps presented in the documentation were the steps that I had to follow. The fourth was not knowing that I had to setup a guest OS to access the App Manager once I had the gateway configured. Each of these mistakes took hours to overcome. Each configuration and failure required starting over again from scratch and once I got to a point in the install I could not go back to scratch but had to start over with another account to get back to scratch. I am still trying to figure out how to reset the configuration for my initial account. Hopefully my slings and arrows will help you avoid the pitfalls of outrageous installations.